Skip to main content

Research Repository

Advanced Search

An investigation of interoperability issues between authorisation systems within web services

Zhang, Yunxi


Yunxi Zhang


Tanko Ishaya


The existing authorisation systems within the context of Web Services mainly apply two access control approaches – Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC). The RBAC approach links an authenticated Web Service Requester to its specific access control permission through roles, but RBAC is not flexible enough to cater for some cases where extra attribute information is needed in addition to the identity. By contrast, the ABAC approach has more flexibility, as it allows a Web Service Requester to submit necessary credentials containing extra attribute information that can fulfil the policies declared by a Web Service Provider, which aims to protect the sensitive resources/services.

RBAC and ABAC can only help to establish a unilateral trust relationship between two Web Services to enable a Web Service Provider to make an access control decision. Unfortunately, the nature of Web Services presents a high probability that two Web Services may not know each other. Therefore, successful authorisation may fail, if the Web Service Requester does not trust the Web Service Provider.

Trust Negotiation (TN) is also an access control approach, which can provide a bilateral trust relationship between two unknown entities, so it sometimes can enable authorisation success in situations where success is not possible through RBAC or ABAC approaches. However, interoperability issues will arise between authorisation systems within Web Services, where a bilateral trust-based authorisation solution is applied. In addition, a lack of a unified approach that can address the interoperability issues remains as a research problem. This research aims to explore possible factors causing the lack of interoperability first, and then to explore an approach that can address the interoperability issues. The main contributions of this research are an improved interoperability model illustrating interoperability issues at different layers of abstraction, and a novel interoperability-solution design along with an improved TN protocol as an example of utilising this design to provide interoperability between authorisation systems within Web Services.


Zhang, Y. (2014). An investigation of interoperability issues between authorisation systems within web services. (Thesis). University of Hull. Retrieved from

Thesis Type Thesis
Deposit Date Jul 31, 2015
Publicly Available Date Feb 23, 2023
Keywords Arts and new media
Public URL
Additional Information School of Arts and New Media, The University of Hull
Award Date Sep 1, 2014


Thesis (3.6 Mb)

Copyright Statement
© 2014 Zhang, Yunxi. All rights reserved. No part of this publication may be reproduced without the written permission of the copyright holder.

You might also like

Downloadable Citations